﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Security;
using Candy.Web.Data;
using Candy.Web.Model;


namespace Candy.Web.Data
{
    public static class CandySecurityManager
    {

        //gets the User object to a given user name
        internal static AuthUser GetUser(string userName)
        {
            //return HttpContext.Current.Profile.UserName;
            using (CandyAuth auth = new CandyAuth())
            {
                AuthUser ret = auth.GetUserByName(userName);
                return ret;
            }
        }

 

        internal static void CheckForRoleManagerOrHigher(string userName, ProjectDto project, string operation = null)
        {
            CheckForRoleManagerOrHigher(userName, project.Id, operation);
        }

        internal static void CheckForRoleMemberOrHigher(string userName, ProjectDto project, string operation = null)
        {
            CheckForRoleMemberOrHigher(userName, project.Id, operation);
        }

        internal static void CheckForRoleManagerOrHigher(string userName, int projectId, string operation = null)
        {
            if (!(IsOwner(userName, projectId) ))//|| IsSU(userName, projectId)))
                throw new UnauthorizedAccessException("Access denied for operation '" + operation + "'");
        }

        internal static void CheckForRoleMemberOrHigher(string userName, int projectId, string operation = null)
        {
            if (!(IsMember(userName, projectId) || (IsOwner(userName, projectId))))// || IsSU(userName, projectId))))
                throw new UnauthorizedAccessException("Access denied for operation '" + operation + "'");
        }

        internal static bool IsGuest(string userName, int projectId)
        {
            return Roles.IsUserInRole(userName, string.Format(RoleDefinition.GUEST_ROLE_TEMPLATE, projectId));
        }
        internal static bool IsMember(string userName, int projectId)
        {
            return Roles.IsUserInRole(userName, string.Format(RoleDefinition.MEMBER_ROLE_TEMPLATE, projectId));
        }
        internal static bool IsOwner(string userName, int projectId)
        {
            
            return Roles.IsUserInRole(userName, string.Format(RoleDefinition.OWNER_ROLE_TEMPLATE, projectId));
        }

        internal static IEnumerable<string> GetOwner(int projectId)
        {

            return Roles.GetUsersInRole(string.Format(RoleDefinition.OWNER_ROLE_TEMPLATE, projectId));
        }


        //internal static bool IsSU(string userName, int projectId)
        //{
        //    return Roles.IsUserInRole(userName, string.Format(RoleDefinition.SU_ROLE, projectId));
        //}


        internal static void AddToGuests(string userName, int projectId)
        {
            if (!IsGuest(userName, projectId))
                Roles.AddUserToRole(userName, string.Format(RoleDefinition.GUEST_ROLE_TEMPLATE, projectId));
        }

        internal static void RemoveFromGuests(string userName, int projectId)
        {
            if (IsGuest(userName, projectId))
                Roles.RemoveUserFromRole(userName, string.Format(RoleDefinition.GUEST_ROLE_TEMPLATE, projectId));
        }


        internal static void AddToMembers(string userName, int projectId)
        {
            if (!IsMember(userName, projectId))
                Roles.AddUserToRole(userName, string.Format(RoleDefinition.MEMBER_ROLE_TEMPLATE, projectId));
        }

        internal static void RemoveFromMembers(string userName, int projectId)
        {
            if (IsMember(userName, projectId))
                Roles.RemoveUserFromRole(userName, string.Format(RoleDefinition.MEMBER_ROLE_TEMPLATE, projectId));
        }


        internal static void AddToOwners(string userName, int projectId)
        {
            if (!IsOwner(userName, projectId))
                Roles.AddUserToRole(userName, string.Format(RoleDefinition.OWNER_ROLE_TEMPLATE, projectId));
        }

        internal static void RemoveFromOwners(string userName, int projectId)
        {
            if (IsOwner(userName, projectId))
                Roles.RemoveUserFromRole(userName, string.Format(RoleDefinition.OWNER_ROLE_TEMPLATE, projectId));
        }

        internal static void CreateProjectRoles(ProjectDto project)
        {
            CreateProjectRoles(project.Id);
        }


        internal static void CreateProjectRoles(int projectId)
        {
            if (!Roles.RoleExists(string.Format(RoleDefinition.GUEST_ROLE_TEMPLATE, projectId)))
            {
                Roles.CreateRole(string.Format(RoleDefinition.GUEST_ROLE_TEMPLATE, projectId));
            }
            if (!Roles.RoleExists(string.Format(RoleDefinition.MEMBER_ROLE_TEMPLATE, projectId)))
            {
                Roles.CreateRole(string.Format(RoleDefinition.MEMBER_ROLE_TEMPLATE, projectId));
            }
            if (!Roles.RoleExists(string.Format(RoleDefinition.OWNER_ROLE_TEMPLATE, projectId)))
            {
                Roles.CreateRole(string.Format(RoleDefinition.OWNER_ROLE_TEMPLATE, projectId));
            }
        }

        internal static void DeleteProjectRoles(ProjectDto project)
        {
            //foreach (var user in project.User)
            //{
            //    if(Roles.
            //}

            if (Roles.RoleExists(string.Format(RoleDefinition.GUEST_ROLE_TEMPLATE, project.Id)))
            {
                Roles.DeleteRole(string.Format(RoleDefinition.GUEST_ROLE_TEMPLATE, project.Id), false);
            }
            if (Roles.RoleExists(string.Format(RoleDefinition.MEMBER_ROLE_TEMPLATE, project.Id)))
            {
                Roles.DeleteRole(string.Format(RoleDefinition.MEMBER_ROLE_TEMPLATE, project.Id), false);
            }
            if (Roles.RoleExists(string.Format(RoleDefinition.OWNER_ROLE_TEMPLATE, project.Id)))
            {
                Roles.DeleteRole(string.Format(RoleDefinition.OWNER_ROLE_TEMPLATE, project.Id), false);
            }
        }


    }
}